Hacker attacks are changing and improving at a tremendous speed, which even cyber security jobs experts can sometimes not keep track of. Nevertheless, information security experts identified the main trends, which are likely to continue.
All for mining
Experts in the field of cyber security engineer agree that the cryptocurrency trend will continue in 2018, which will lead to a large number of crimes related to mining and blockchain.
According to a High-Tech Bridge study, 94% of the most popular cryptocurrency related apps on Googe Play have at least three vulnerabilities. Such gaps in protection have attracted and will attract hackers, especially in the face of sharp fluctuations in the value of some virtual currencies.
Increasingly, there are reports of malicious software (software) that penetrates the victim’s computer or smartphone and uses the processor for hidden cryptocurrency mining. At the same time, system performance drops sharply, and the device slows down.
In addition, the crypto platforms themselves are hacked, from which attackers steal tokens, the cost of which can amount to millions of dollars.
Often, hackers perform the substitution of the crypto-wallet address, since it includes many characters and is difficult to remember by the owner, which is why the money is transferred to the scam account.
ESET product group manager Sergey Kuznetsov in 2018 predicts the emergence of new native miners for the hidden mining of cryptocurrencies, which will cover a wide range of devices: web servers, ordinary PCs, mobile devices. In addition, the expert suggested an increase in the number of attacks on ICO projects and cryptocurrency exchanges and services.
In IoT, the letter “S” means “security”
Recently, the topic of developing “smart cities” has been actively discussed in society, where the vital systems for such cities — traffic lights, roads, utilities — will be controlled via mobile networks. However, attacks through vulnerabilities of mobile networks can completely paralyze the work of the “smart city”.
Vulnerable mobile networks bind millions of “smart” devices that sooner or later “go crazy.”
According to experts, by 2021, the number of IoT devices connected to mobile networks will increase from 400 million to 1.5 billion.
The rapid penetration of smart devices in business and everyday life is another reason to think about the security of mobile networks, according to Positive Technologies. IoT devices penetrate not only into homes, but also into manufacturing, mining and energy.
A person takes a minimal part in their work: machines communicate with each other, making decisions without his participation. In this case, the compromise of even one “smart sensor” can lead to unpredictable consequences.
The world of the Internet of things has a different degree of security: from securely protected devices to frankly “leaky” ones, with the help of which an attacker can observe what is happening in your home.
ESET experts told Gazeta.Ru that 2018 could be marked by an increase in the number of malware for Smart TV, as well as the appearance of ransomware that blocks smart devices and requires a ransom for access restoration.
Ransomware on the rise
Michal Salat, Director of Avast Threat Research Department, called 2017 “the year of ransomware viruses” - the malware WannaCry and Petya affected both business and ordinary users.
“In the new year, such attacks will be even more serious, widespread and profitable. Attackers will use remote code execution vulnerabilities, which means that to distribute ransomware, you do not need to interact with the user himself, for example, like EternalBlue. In addition, hackers will be more selective in choosing victims and devices, which will make it harder to track down attacks, ”the Gazeta.Ru interlocutor said.
On the mobile front, the expert expects continued growth of fake applications that attack advertising users, but they pose the main threat to banking applications. Fake applications are cleverly disguised as legitimate, tricking users into account and bank card information.
In addition, ransomware will also switch to mobile devices, since now it stores, perhaps, more important information than on a computer. Mobile banking, social networks, photos, phonebooks - many users will not be ready to part with this information, which attackers can play on.
ATMs attract hackers
Positive Technologies statistics suggest that throughout 2017, financial companies were among the five most attacked by cybercriminals of the types of organizations.
The sad trend was the increasing attacks on ATMs, and fraudsters learned to control ATMs remotely through a local network of banks. In 2018, the growth of logical attacks on ATMs is forecasted.
The attack on ATMs has evolved from an approach accessible to units of attackers to a kind of mass market - a well-developed and replicated methodology with instructions and accessible tools.
Today, an attacker for several thousand dollars can acquire a complete set of tools on the black market, and then he can only choose an ATM, empty it, following the instructions, and look for the next one.
“You need to understand that the costs pay off very quickly: in just a few successful attacks. And this trend as a whole will continue until both banks and manufacturers of ATMs and protective equipment come to mass implementation of an effective security solution, ”experts at Positive Technologies concluded.